package tyk.Filter;

import tyk.Service.UserService;
import tyk.pojo.User;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.sql.SQLException;

/***
 *@title $NAME
 *@description <TODO description class purpose>
 *@author Tang'ya'kang
 *@VERSION 1.0.0
 *@CREATE 2023/5/29 0:40
 **/
public class ManageFilter implements Filter {
    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        String sql="Select user_id,user_name,cnt from merchant where user_name = ?;";
        HttpServletRequest request= (HttpServletRequest) req;
        HttpServletResponse response= (HttpServletResponse) resp;
        HttpSession session = request.getSession();
        UserService userService=new UserService();
        User user= (User) session.getAttribute("User");
        Integer rows=0;
        try {
            rows=userService.executeQuery(sql,user.getUsername());
        } catch (SQLException throwables) {
            throwables.printStackTrace();
        }
        if(rows>0) chain.doFilter(req,resp);
        else response.sendRedirect("http://localhost:8080/JaveWeb/html/NoPermission.jsp");
    }

    public void init(FilterConfig config) throws ServletException {

    }

}
